Senator Wyden Asks NSA Director Nominee the Right Questions

Lt. Gen. Paul Nakasone, the new nominee to direct the NSA, faced questions Thursday from the Senate Select Committee on Intelligence about how he would lead the spy agency. One committee member, Senator Ron Wyden (D-OR), asked the nominee if he and his agency could avoid the mistakes of the past, and refuse to participate in any new, proposed spying programs that would skirt the law and violate Americans’ constitutional rights.

“In 2001, then-President Bush directed the NSA to conduct an illegal, warrantless wiretapping program. Neither the public nor the full intelligence committee learned about this program until it was revealed in the press,” Wyden said. Wyden, who was a member of the committee in 2001, said he personally learned about the NSA surveillance program—which bypassed judicial review required from the Foreign Intelligence Surveillance Court—by reading about it in the newspaper. Sen. Wyden continued:

“If there was a form of surveillance that currently requires approval by the [Foreign Intelligence Surveillance Court] and you were asked to avoid the court, based on some kind of secret legal analysis, what would you do?”

Lt. Gen. Nakasone deferred, assuring Sen. Wyden that he would receive a “tremendous amount of legal advice” in his new job, if confirmed.

Sen. Wyden interrupted: “Let me just stop it right there, so I can learn something that didn’t take place before. You would, if asked, tell the entire committee that you had been asked to [review such a program]?”

“Senator,” Lt. Gen. Nakasone responded, “I would say that I would consult with the committee—”

“When you say consult,” Wyden interrupted again, “you would inform us that you had been asked to do this?”

Lt. Gen. Nakasone repeated himself: he would consult with the committee, and keep senators involved in such discussions. Lt. Gen. Nakasone added, though, that “at the end of the day, Senator, I would say that there are two things I would do. I would follow the law, and I would ensure, if confirmed, that the agency follows the law.”

Sen. Wyden took it as a win.

“First of all, that’s encouraging,” Wyden said, “because that was not the case back in 2001.”

He continued:

“In 2001, the President said we’re going to operate a program that clearly was illegal. Illegal! You’ve told us now, you’re not going to do anything illegal. That’s a plus. And you told us that you would consult with us if you were ever asked to do something like that. So, I appreciate your answer.”

Sen. Wyden also asked Lt. Gen. Nakasone about encryption. Sen. Wyden asked Lt. Gen. Nakasone if he agreed with encryption experts’ opinion that, if tech companies were required to “permit law enforcement access to Americans’ private communications and data,” then such access could be exploited by “sophisticated, foreign government hackers,” too.

“My time is up, general. Just a yes-or-no answer to the question, with respect to what experts are saying,” Wyden said. “Experts are saying that the tech companies can’t modify their encryption to permit law enforcement access to Americans’ private communications without the bad guys getting in, too. Do you disagree with the experts, that’s just a yes or no.”

Wyden, a staunch encryption advocate in the Senate, interpreted Lt. Gen. Nakasone’s answer positively. “That’s encouraging as well,” Wyden said. “I look forward to working with you in the days ahead.”

Senate Intelligence Committee Chairman Richard Burr (R-NC), at the close of the hearing, said he would like to swiftly move Lt. Gen. Nakasone’s nomination further. If other Senators have the opportunity to question Lt. Gen. Nakasone about his potential leadership of the NSA, we hope they ask pointed, necessary questions about the agency’s still-ongoing surveillance program Section 702, and how the nominee plans to reconcile the agency’s widespread, invasive spying program with Americans’ constitutional right to privacy.

Related Updates

Hiperderecho, the leading digital rights organization in Peru, in collaboration with the Electronic Frontier Foundation, today launched its second ¿Quien Defiende Tus Datos? (Who Defends Your Data?), an evaluation of the privacy practices of the Internet Service Providers (ISPs) that millions of Peruvians use every day. This year's...

The California Consumer Privacy Act (CCPA) requires the California Attorney General to take input from the public on regulations to implement the law, which does not go into effect until 2020. The Electronic Frontier Foundation has filed comments on two issues: first, how to verify consumer requests to companies for...

Ever since the Cambridge Analytica scandal last summer, consumer data privacy has been a hot topic in Congress. The witness table has been dominated by the biggest platforms, with those in lockstep with the tech giants earning the vast majority of attention. However, this week marked the first time that...

We urged the Florida Supreme Court yesterday to review a closely-watched lawsuit to clarify the due process rights of defendants identified by facial recognition algorithms used by law enforcement. Specifically, we told the court that when facial recognition is secretly used on people later charged with a crime, those...

In his latest announcement, Facebook CEO Mark Zuckerberg embraces privacy and security fundamentals like end-to-end encrypted messaging. But announcing a plan is one thing. Implementing it is entirely another. And for those reading between the lines of Zuckerberg’s pivot-to-privacy manifesto, it’s clear that this isn’t just about privacy. It’s...

In back-to-back hearings last week, the House and the Senate discussed what, if anything, Congress should do about online privacy. Sounds fine—until you see who they invited. Congress should be seeking out multiple, diverse perspectives. But last week, both chambers largely invited industry advocates, eager to...

San Francisco - Technology is supposed to make our lives better, yet many big companies have products with big security and privacy holes that disrespect user control and put us all at risk. The Electronic Frontier Foundation (EFF) is launching a new project called “Fix It Already!” demanding repair...

Today we are announcing Fix It Already, a new way to show companies we're serious about the big security and privacy issues they need to fix. We are demanding fixes for different issues from nine tech companies and platforms, targeting social media companies, operating systems, and enterprise platforms on...

Update, 2:35 p.m.: The coalition of groups behind Privacy for All has grown since time of publishing. This update reflects the latest count. Privacy is a right. It is past time for California to ensure that the companies using secretive practices to make money off of our personal information treat...